[23.0 backport] Fix exit-event handling for Kata runtime #44892
Merged
Commits on Jan 31, 2023
-
daemon: identify container exits by ProcessID
The Pid field of an exit event cannot be relied upon to differentiate exits of the container's task from exits of other container processes, i.e. execs. The Pid is reported by the runtime and is implementation- defined so there is no guarantee that a task's pid is distinct from the pids of any other process in the same container. In particular, kata-containers reports the pid of the hypervisor for all exit events. Update the daemon to differentiate container exits from exec exits by inspecting the event's ProcessID. The local_windows libcontainerd implementation already sets the ProcessID to InitProcessName on container exit events. Update the remote libcontainerd implementation to match. ContainerD guarantees that the process ID of a task (container init process) is set to the corresponding container ID, so use that invariant to distinguish task exits from other process exits. Signed-off-by: Cory Snider <csnider@mirantis.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.